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COPYRIGHT NOTICE 
A portion of the disclosure of this patent document contains material which is subject 
5 to copyright protection. The copyright owner has no objection to the facsimile reproduction 
by anyone of the patent document or the patent disclosure, as it appears in the U.S. Patent 
and Trademark Office patent files or records, but otherwise reserves all copyrights 
whatsoever. 

1 0 BACKGROUND OF THE INVENTION 

1. Field of the Invention 

The present invention generally relates to the display of data available over a 
network. More particularly, the invention provides for the integrated display of at least one 
item of public data and at least one item of private data. 
15 . 

2. Background of the Prior Art 

The Internet, which comprises a vast array of computer networks distributed 
throughout the world, provides online service subscribers with an almost limitless supply of 
information. Some of this information is public, and some is private. As used herein, public 

20 information refers to data, applications, and other such information which is equally 
accessible by all or substantially all users of a public network. Private information refers to 
information which is accessible by less than substantially all users, namely by one or more 
authorized parties, and usually requires a user to verify his or her identity in some way (e.g., 
by supplying a user name and password). Public information includes, for example, the 

25 weather in Tokyo as offered by a weather information website, the price of airfares from 
New York to London as provided by a travel related site, and other such information. 
Private information includes, for example, bank account records, 401k account information, 
and credit card balance information. Such information is typically accessible via an 
appropriate financial institution, bank and/or credit card website. 

30 Information on the Internet can also be classified as either internal or external. 

Internal information includes that information which is provided by a company, through a 
website (or other network protocol), that is proprietary to that company. External 
information is information that is accessible from websites other than the website of the 
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particular company. For example, if a user visits the site of her bank and accesses various 
account information, she is accessing internal information. If she then wishes to check the 
Dow Jones Industrial Average Stock Index on a page that is not a part of the bank's website, 
she will be accessing external information. Any one company may include multiple internal 
5 content providers. For example, one provider within the company may provide retirement 
account information, another may provide mutual fund account information, and a third may 
provide credit card balances and a method for paying balances on the Internet. 

Known systems for acquiring and displaying information are unsatisfactory in a 
number of respects. For example, prior art systems do not sufficiently allow an individual to 

10 access and view both public and private data simultaneously. Thai is, viewing combinations 
of public and private data usually includes jumping between two or more websites, viewing 
only one at a time, or using two separate digital viewing devices, such as two computer 
screens. While some systems integrate public and private data on one screen, these systems 
are limited. For example, U.S. Patent No. 5,319,542 describes a system for ordering items 

15 from an electronic catalogue. The system of the '542 Patent does allow a user to 
simultaneously view items in a catalogue (public data) and an order form including purchase 
information (private data). Moreover, the system remains static until updated by the user 
and is not interactively linked to the utilities or interactive services of the catalogue business 
or other entities, such as business partners of the catalogue business. In other words, the 

20 system usually includes the user inputting all of the private information that she then views 
in her order form. Thus, private information from the company's data stores is not made 
automatically available to the user. 

Furthermore, with the proliferation of Internet use, systems have been described 
which track and process user preferences so that Internet service providers (ISPs) can 

25 customize user experiences or target marketing efforts to users with specified preferences. 
An example of target marketing is disclosed in U.S. Patent No. 6,157,946, the target 
marketing contents of which are hereby incorporated by reference. Additionally, U.S. Patent 
Nos. 5,848,396 and 5,991,735 owned by Freedom of Information, Inc. and Be Free, Inc., 
respectively, generally disclose a computer network for providing targeting of appropriate 

30 audiences based on psychographic or behavioral profiles of the end users, and are herein 
incorporated by reference. To track user preferences, some prior art systems create user 
profiles based on direct input by the user or on an automatic analysis of the websites 
accessed by the user. Known systems, however, do not typically automatically track both 
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private and public data, accessed by a user, to create a user profile. Some existing systems 
create user profiles based on a user's consumption of public electronic data, while other 
existing systems create profiles based on private data manually input by the user. A system 
is needed that combines the two types of data to create profiles while automatically adding 
5 pre-existing data from proprietary databases. Additionally, prior art systems do not allow a 
company or other entity to combine proprietary data, from one or more internal content 
providers, and user preferences of public data as variable input to business rules to create 
unique, individually tailored services containing both public and private elements. 

Thus, a need exists for systems that allow a user to simultaneously access and view 

10 public and private data on the same network interface device or system, such as a web page, 
wireless screen, other digital viewing device or printer. There is also a need for a system 
that automatically tracks user preferences, based on the public and private data accessed by 
the user and on data from one or more internal content provider data stores. Finally, a need 
exists for a system that allows a company to use automatically derived user preference data 

1 5 to personalize the user's experience on the company' s website. 

BRIEF SUMMARY OF THE INVENTION 
The system facilitates the simultaneous access and viewing of public and private data 
by integrating the two forms of data. Public and private data may be accessed from at least 

20 one internal content provider, at least one external content providers or a combination of 
both. In other embodiments, the system allows internal content providers to create user 
profiles responsive to proprietary user information from their own databases and 
automatically-generated information regarding user preferences of information accessed 
from the a network. Internal content providers can then use these profiles to personalize, for 

25 example, the experiences of the customers who use their website, and/or to specifically 
target marketing materials to its customers. 

BRIEF DESCRIPTION OF THE FIGURES 
Additional aspects of the present invention will become evident upon reviewing the 
30 non-limiting embodiments described in the specification and the claims taken in conjunction 
with the accompanying figures, wherein like numerals designate like elements, and: 

FIG. 1 is a conceptual block diagram providing an exemplary overview of the system 
according to one embodiment of the present invention; 
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FIG. 2 is a conceptual block diagram depicting an exemplary integration of 
information from multiple internal and external content providers on one digital display; 

FIG. 3 is a flow diagram showing an exemplary integration of information from 
various sources to form a web page on one digital display; 
5 FIG. 4 is a flow diagram depicting in further detail an exemplary flow of information 

through the web server of the system according to the present invention; 

FIG. 5 is a flow diagram showing an exemplary flow of information from the client 
tier to the back-end tier and from the back-end tier to the client tier; and 

FIG. 6 is an exemplary screen shot of a personal web site created according to one 
1 0 embodiment of the present invention. 

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS 
A system in accordance with various aspects of the present invention facilitates 
simultaneously accessing and viewing public and private data from at least one content 

15 provider. In this regard, the description that follows sets forth various exemplary 
embodiments of the invention only, and is not intended to limit the scope, applicability, or 
configuration of the invention in any way. Rather, the following description is intended to 
provide convenient illustrations for implementing different embodiments of the invention. 
As will become apparent, various changes may be made in the function and arrangement of 

20 the elements described in these embodiments without departing from the spirit and scope of 
the invention. For example, changes may be made in the design and arrangement of the 
elements described in the preferred embodiments without departing from the scope of the 
invention as set forth in the appended claims. 

The system may include a host server or other computing systems including a 

25 processor for processing digital data, a memory coupled to said processor for storing digital 
data, an application program stored in said memory and accessible by said processor for 
directing processing of digital data by said processor, a display coupled to the processor and 
memory for displaying information derived from digital data processed by said processor 
and a plurality of databases, said databases including client data, merchant data, financial 

30 institution data and/or like data that could be used in association with the present invention. 
As those skilled in the art will appreciate, user computer will typically include an operating 
system (e.g., Windows NT, 95/98/2000, Linux, Solaris, etc.) as well as various conventional 
support software and drivers typically associated with computers. Alternatively, user system 
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may be a personal digital assistant ("PDA"), internet enabled wireless phone or the like. 
User system can be in a home or business environment with access to a network. In an 
exemplary embodiment, access is through the Internet, through a commercially-available 
web-browser software package. 
5 The host computer may provide a suitable website or other Internet-based graphical 

user interface which is accessible by user systems. In one embodiment, the Internet 
Information Server, Microsoft Transaction Server, and Microsoft SQL Server, are used in 
conjunction with the Microsoft operating system, Microsoft NT web server software, a 
Microsoft SQL database system, and a Microsoft Commerce Server. Additionally, 

10 components such as Oracle, MySQL, Intervase™, etc., may be used to provide database 
management system. The term "webpage" as it is used herein is not meant to limit the type 
of documents and applications that might be used to interact with the user. For example, a 
typical website might include, in addition to standard HTML documents, various forms, Java 
applets, Javascript, active server pages (ASP), common gateway interface scripts (CGI), 

15 extensible markup language (XML), dynamic HTML, cascading style sheets (CSS), helper 
applications, plug-ins, and the like. 

The present invention may be described herein in terms of functional block 
components, screen shots, optional selections and various processing steps. It should be 
appreciated that such functional blocks may be realized by any number of hardware and/or 

20 software components configured to perform the specified functions. For example, the 
present invention may employ various integrated circuit components, e.g., memory elements, 
processing elements, logic elements, look-up tables, and the like, which may carry out a 
variety of functions under the control of one or more microprocessors or other control 
devices. Similarly, the software elements of the present invention may be implemented 

25 with any programming or scripting language such as C, C++, Java, COBOL, PERL, with the 
various algorithms being implemented with any combination of data structures, objects, 
processes, routines or other programming elements. Further, it should be noted that the 
present invention may employ any number of conventional techniques for data transmission, 
signaling, data processing, network control, and the like. 

30 It will be appreciated that many applications of the present invention could be 

formulated. One skilled in the art will appreciate that the network may include any system 
for exchanging data or transacting business, such as the Internet, an intranet, an extranet, 
WAN, LAN, VPN (virtual private network), satellite communications, and/or the like. It is 
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noted that the network may be implemented as other types of networks, such as an 
interactive television (TTV) network. The users may interact with the system via any input 
device such as a keyboard, mouse, kiosk, personal digital assistant, handheld computer, 
cellular phone and/or the like. Similarly, the invention could be used in conjunction with any 
5 type of personal computer, network computer, workstation, minicomputer, mainframe, or the 
like running any operating system such as any version of Windows, Windows NT, Windows 
2000, Windows 98, Windows 95, MacOS, OS/2, BeOS, Linux, UNIX, Solaris or the like. 
Moreover, although the invention is frequently described herein as being implemented with 
TCP/IP communications protocols, it will be readily understood that the invention could also 
10 be implemented using IPX, Appletalk, IP-6, NetBIOS, OSI or any number of existing or 
future protocols. Moreover, the system contemplates the use, sale or distribution of any 
goods, services or information over any network having similar functionality described 
herein. 

The computing units may be connected with each other via a data communication 

15 network The network may be a public network and assumed to be insecure and open to 
eavesdroppers. In the illustrated implementation, the network may be embodied as the 
internet. In this context, the computers may or may not be connected to the internet at all 
times. For instance, the customer computer may employ a modem to occasionally connect 
to the internet, whereas the bank computing center might maintain a permanent connection 

20 to the internet. Specific information related to the protocols, standards, and application 
software utilized in connection with the Internet may not be discussed herein. For further 
information regarding such details, see, for example, DILIPNAIK, INTERNET STANDARDS AND 
PROTOCOLS (1998); JAVA 2 COMPLETE, various authors, (Sybex 1999); DEBORAH RAY AND 
Eric Ray, mastering HTML 4.0 (1997). Loshen, TCP/IP Clearly Explained (1997). All 

25 of these texts are hereby incorporated by reference. 

The systems may be suitably coupled to network via data links. A variety of 
conventional communications media and protocols may be used for data links. Such as, for 
example, a connection to an Internet Service Provider (ISP) over the local loop as is 
typically used in connection with standard modem communication, cable modem, Dish 

30 networks, ISDN, VPN, Digital Subscriber Line (DSL), or various wireless communication 
methods. Merchant system might also reside within a local area network (LAN) which 
interfaces to network via a leased line (Tl, D3, etc.). Such communication methods are well 
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known in the art, and are covered in a variety of standard texts. See, e.g., GILBERT HELD, 
Understanding Data Communications (1996), hereby incorporated by reference. 

Figure 1 is a conceptual block diagram providing an overview of an exemplary 
system in accordance with one embodiment of the present invention. As shown, the system 
5 can be partitioned as a four-tier structure, including a back-end systems tier 102, an 
application server tier 104, a web server tier 106, and a client tier 108. The backend systems 
tier 102 suitably comprises, for example, one or more external content providers 116, one or 
more internal content providers 120, and a processor 118 coupled to the content providers 
116. Each external content provider 116 and each internal content provider 120 suitably 

10 includes, for example, one or more data storage devices configured to store public and/or 
private information as applicable. 

The data storage devices for the backend systems may be any type of data storage 
device, such as relational, hierarchical, object-oriented, and/or the like. Common data 
storage products that may be used to implement the databases include DB2 by IBM (White 

15 Plains, NY), any of the database products available from Oracle Corporation (Redwood 
Shores, CA), Microsoft Access by Microsoft Corporation (Redmond, Washington), or any 
other database product Database may be organized hi any suitable manner, including as 
data tables or lookup tables. Association of certain data may be accomplished through any 
data association technique known and practiced in the art. For example, the association may 

20 be accomplished either manually or automatically. Automatic association techniques may 
include, for example, a database search, a database merge, GREP, AGREP, SQL, and/or the 
like. The association step may be accomplished by a database merge function, for example, 
using a "key field" in each of the manufacturer and retailer data tables. A "key field" 
partitions the database according to the high-level class of objects defined by the key field. 

25 For example, a certain class may be designated as a key field in both the first data table and 
the second data table, and the two data tables may then be merged on the basis of the class 
data in the key field. In this embodiment, the data corresponding to the key field in each of 
the merged data tables is preferably the same. However, data tables having similar, though 
not identical, data in the key fields' may also be merged by using AGREP, for example. 

30 Application server 110 is any hardware and/or software suitably configured to 

process messages from and to web server tier 106 and back-end systems tier 102. More 
particularly, in an exemplary embodiment, application server tier 104 suitably includes an 
application server 1 10 coupled to a personal preferences data store 122 and a personal profile 



7 



WO 02/01323 PCTYUS01/20663 

data store 124 (e.g., a lightweight directory access protocol database, or "LDAP")- In the 
illustrated embodiment, each external content provider 116 from the backend systems tier 
102 is suitably, connected to the application server via processor 118, and each internal 
content provider 120 is suitably connected to application server 110. Personal preferences 
5 data store 122 and personal profile data store 124 are also suitably coupled to application 
server 110. 

Referring now to Figs. 1 and 2, an exemplary display 202, produced by the system of 
Fig. 1 (e.g., a web page displayed on a computer monitor), includes integrated data 204 from 
various internal content providers 120 and external content providers 116 (Fig. 1). In one 

10 embodiment of the present invention, integrated data 204 may comprise data from one or 
more internal content providers 120 and data from one or more external content providers 
116. Alternatively, integrated data 204 may derive only from one or more internal content 
providers 120, with no integrated data 204 from any external content provider 116. 
Integrated data 204 comprises at least one item of public data and at least one item of private 

15 data. In one embodiment, integrated data 204 is interactively or automatically updated in 
accordance with any changes, modifications, or updates that might occur at the respective 
internal or external content providers 120 or 116. Interactive updating refers to pulling data 
from data stores by a user system 126, such as when user system 126 requests a credit card 
balance. Automatic updating refers to pushing data out of a data store to user system 126 

20 without the user system 126 requesting it, for example if user system 126 is automatically 
provided with the Dow Jones Industrial Average. 

In one embodiment of the present invention, one or more internal content providers 
120 include a proprietary data store of an organization (e.g., a company, educational 
institution, financial institution, or the like). Typically, internal content providers 120 are 

25 selected from a suite of services offered by one of internal content providers 120. For 
example, a user may choose to display brokerage services, card balances, and 401K account 
information from a list of available information made accessible by a financial institution 
corresponding to internal content provider 120. In one embodiment of the present invention, 
each site aggregates network users 126 to create what is referred to as a web portal. Portals 

30 may be configured to provide access to content and functionality centered around common 
interests or may differ in their focus and objectives. Thus, the system according to the 
present invention suitably integrates public and private data into integrated data 204, which 
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is displayed on user system 126, for example a single customizable page on one digital 
display 202, and which reflects a network user's preferences. 

Having thus given an overview of the present invention, a detailed description of its 
various components will now be provided. 

5 

Application Server 

As mentioned briefly above, application server 110 is any hardware and/or software 
suitably configured to process messages from and to web server tier 106 and back-end 
systems tier 102. In accordance with one embodiment of the present invention, application 

10 server 110 uses Java or any type of general purpose programming language that supports the 
creation of dynamic web page content. In accordance with one embodiment of the present 
invention, general application server 110 utilizes Java Server Pages ("JSPs") and JavaBeans 
to populate web forms with local databases, client/server databases, and legacy databases to 
access multiple server resources. JSPs enable developers to effectively separate HTML 

15 coding from the business logic in web pages. Furthermore, various companies, e.g. IBM, 
have developed extensions to the JSP specification that include JSP tags, which are HTML- 
like and can be used to access databases, and reusable Java components, such as servlets and 
JavaBeans. For further information regarding such details, see, for example, NICHOLAS 
Kassem and the Enterprise Team, Designing Enterprise Applications with the Java 

20 2 Platform, Enterprise Edition (2000), which is hereby incorporated by reference. The 
web forms, including, inter alia, Java applets, are exposed to the user's browser and are then 
transferred through the various JSPs to a collection of Java Servlets. Java Servlets are then 
transferred to an MQ Series connector, a TCP/IP connector, or a JDBC (Java Database 
Connector). Data then travels from the MQ Series connector to a transaction server and then 

25 to a legacy application and, subsequently, legacy databases. Other data travels from the 
TCP/IP connector to TCP/IP sockets and then to client/server applications and, subsequently, 
client/server databases. Still other data travels from the JDBC to local databases. In 
accordance with one aspect of the present invention, Java components are suitably created to 
provide HTML authors with component names and attributes, wherein the appropriate 

30 database administrators provide HTML authors with the name of the database to be accessed 
along with table information. 

An additional feature of application server tier 104, according to one embodiment of 
the present invention, is the internal "smart-caching" of data. Smart-caching allows rules to 
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be associated with data elements, defining when the distributed system must expend the 
additional overhead to make a new call to the system of record, rather than using a 
previously cached set of information. For example, in the context of a credit card provider 
with a rewards system, if it is known that updates of loyalty rewards points are only done 
5 monthly, when an additional request for rewards data is made within the month, the cached 
data is returned, thus improving performance and system load. 

Referring to Figure 1, in accordance with one embodiment of the present invention, 
personal profile data store 124 is connected to application server 110 and is configured to 
personalize the experience of network user systems 126. Specifically, user system 126 

10 communicates with personal profile data store 124 by making a request over network 114. 
Such requests are referred to as "binding requests." Binding requests may include, for 
example, the user's data store current version, the method of authentication, and any 
credentials for authentication. Personal profile data store 124 then receives the binding 
request and accesses backend functions for a return reply. In one embodiment, the system 

15 stores user system's 126 profile in a personal profile data store 124 and uses the information 
to dynamically create a customized page. 

In one embodiment of the invention, after the application is loaded, a servlet 
continues to wait for additional user system 126 requests. Servlet aliases may be used to 
provide multiple instances of a servlet for each request. The functionality of a servlet 

20 includes, for example: creating and returning an entire HTML page containing dynamic 
content based on the nature of user system's 126 request; creating a portion of an HTML 
page or HTML fragment that can be embedded in an existing HTML page; communicating 
with other servlets; handling connections with multiple user systems 126; filtering data for 
special processing such as image conversion; and providing customized processing to any of 

25 web server's 1 12 standard routines. 

Any convenient set of hardware and/or software components may be configured in 
order to provide the functionality of application server 110, personal preferences data store 
122, and personal profile data store 124. For example, in one embodiment, a Sun Enterprise 
450 server can be used, equipped with one to four Ultra-SPARC-II processors, 128 MB to 

30 4GB total memory capacity, Solaris 2,6 operating system, IBM WebSphere application 
server 3.5. 
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Web Server 

Web server 112 is any hardware and/or software suitably configured to provide a 
web service to network user systems 126 and/or to interface with network 114 and 
application server 110. In the illustrated embodiment, application server 110 is connected, 
5 via a suitable data connection 130, to web server 112 within the web server tier 106. In 
accordance with a preferred embodiment of the present invention, web server 112 uses 
servlets to provide a framework for creating applications that implement a request/response 
paradigm. As mentioned above, in an exemplary embodiment, a servlet is a server side 
component, written in Java, that dynamically extends the functionality of a server. Servlets 

10 are used to extend a web server's 112 capabilities by creating a framework for providing 
request and response services over the network. In one embodiment of the present 
invention, network user system 126 sends a request to web server 112 and the server 112 
sends the request information to a Java servlet. The servlet can be loaded automatically 
when the application is loaded or can be loaded the first time a user system 126 requests its 

15 services. The servlet dynamically builds a response according to the user system's 126 
request by utilizing other server 112 resources, including databases and Java-enabled 
applications. The servlet then passes a response to the web server 1 12, which sends the 
response back to the user system 126. 

A variety of hardware and/or software components may be configured to implement 

20 the functionality of web server 112. For example, in one embodiment, a Sun Enterprise 450 
server can be used, equipped with one to four Ultra-SPARC-H processors, 128 MB to 4GB 
total memory capacity, Solaris 2.6 operating system, Netscape Enterprise Web Server. 

Network and User Systems 

25 According to one embodiment of the present invention, web server 1 12 is connected 

to network 114 via a web/network connection 128. Network 114, in turn, is connected to 
one or more network user systems 126. In one embodiment of the invention, network user 
systems 126 access the network 1 14 via the Internet or other global communications system. 
Alternatively, users may choose to access network 1 14 via remote access. New, unregistered 

30 or opted-out network user systems 126 may be provided a default content page which user 
systems 126 may then customize according to their preferences, which may also be recorded 
in personal preferences data store 122. According to one embodiment, user systems 126 
may customize multiple pages for viewing, including labeling and arranging the order of 

11 
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presentation. Technical and design standards may be communicated to user systems 126 to 
facilitate customization efforts. 

Figure 6 is an exemplary screen shot of a personal web site created according to one 
embodiment of the present invention. This screen shot includes integrated data 204 with 
5 elements of public data and private data. Public data on the screen shot includes data under 
the "MY CARDS" heading, offering more information on card membership rewards and on 
applying for another card, and data under the "MY FINANCE" heading, showing market 
index graphs. Private data on the screen shot in Fig. 6 includes data under the "MY 
ACCOUNTS" heading, including current balances, recent payments and membership 
10 rewards points available. This screen shot is for exemplary purposes only, and it will be 
understood by those skilled in the art that any number of combinations of public and private 
data may be accessed and viewed on a user system 126 according to various embodiments of 
the present invention. 

In accordance with one embodiment of the present invention, security for users can 
15 be created through use of a 2-firewall infrastructure. More particularly, web/network 
connection 128 may include an Internet firewall, and application/web connection 130 may 
include an intranet firewall. Thus, connections initiated by network user systems 126 are 
protected by an Internet firewall between network 1 14 and web server 1 12 and by an intranet 
firewall between web server 112 and application server 110. Network user systems 126 
20 suitably link to network 114 through a provider web server 1 12 with authentication between 
web server 112 and application server 110. Backend systems tier 102 of enterprise 
information systems, provider business partners, and external services is suitably connected 
and protected by the Intranet firewall. 

25 Exemplary process 

Figure 3 is a combination flow-chart/architectural diagram depicting an exemplary 
system for integrating data from various sources to form a web page on a digital display as 
shown in Fig, 2. In one embodiment of the present invention, this integration of data is 
accomplished by application server 110, personal profile data store 124 and personal 

30 preferences data store 122 (see Fig. 1). The combination of application server 1 10, personal 
profile data store 124 and personal preferences data store 122 is referred to as an application 
server system 334 in Figure 3. (In Fig. 3, web server tier 106 is not depicted in order to 
simplify the diagram.) 
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In accordance with one embodiment of the present invention, a network user begins 
the process by entering registration/authentication data 318 in response to a request from 
application server 1 10, the results of which are suitably stored in a personal profile utility. A 
personal profile utility may include a personal profile data store 124 and/or a personal 
5 preferences data store and/or any other suitable means for storing and accessing personal 
profile data. After entering this data, and thus registering for the first time, simple 
authentication may be requested, including, for example, ensuring that user system 126 
provides a password to the personal profile data store 124. After providing a password, user 
system 126 is allowed access to web server 112 on the provider's site (Fig, 1). In another 

10 embodiment, a certificate-based authentication may be used, wherein clients send certificates 
to personal profile data store 124 and the certificate identifies the data store client (i.e., user 
system 126). In one embodiment of the present invention, all points of access into the 
system are protected through suitable firewalls. Similarly, the system of the present 
invention may also provide a login-blocking capability after unsuccessful login attempts. In 

15 yet another embodiment, other authentication and security mechanisms could be added to the 
system. For example, one or more of three levels of security could be implemented. These 
levels might be based on something the user knows, such as a password, something the user 
has, such as a smart card, and/or something the user "is," such as a biometric fingerprint or 
retina scan. It will be understood that one, all or any combination of these three levels of 

20 security might be employed and that any other reliable technology for providing security to 
network user systems 126 may be used. For example, a combination of different levels of 
security might involve a card with a magnetic strip and a personal identification number, 
such as is used with a ATM card. 

In one embodiment of the present invention, confirmation of network user system 

25 126 defines an identification code ("user ID"), which is then forwarded to user system 126 
once registration is complete. Repeat network user systems 126 may be automatically 
recognized and served with the appropriate customized web page, even if they do not log in, 
e.g., through the use of cookies or similar technology. User systems 126 may also log in via 
remote access recognition. After login, user systems 126 may modify profile data such as 

30 user ID or password and account information. User systems 126 may retrieve their 
preferences or set their remote access code ("RAC") to retrieve preferences remotely. In one 
embodiment, after registering for services offered by internal content provider 120, network 
user system 126 is presented with a welcome page for system registration 318 and 
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acceptance of terms and conditions. User systems 126 complete registration by providing 
information for the personal profile data store 124 and may select a RAC. Accessibility to 
any given service is restricted to user systems 126 with verified registrations. In one 
exemplary embodiment, registrations are verified against account records before data is 
5 shown. All points of entry into the system may be protected through at least one firewall. In 
one aspect of the invention, personal data is stored in a trusted domain of the web complex, 
with all confidential data encrypted before being transmitted over open networks. 

Internal 120 and external 116 content providers may use information from personal 
profile data store 124 for many purposes. For example, information may be used for 

10 directing marketing efforts towards specific user systems 126. To accomplish that end, user 
information may be retrieved from personal profile data store 124 and special promotional 
messages, offers and any other suitable marketing materials are presented to user systems 
126, based on that information. Similarly, internal 120 and external 116 content providers 
may customize the information they provide to network user systems 126, based on user 

15 profile information. This customization is accomplished through personalization rules tied 
to content requests by the user systems 126. For example, a holder of a particular credit card 
may be shown special events planned for holders of that card during a trip that the card 
holder has planned for a given city. 

Referring again to Figure 3, when a network user inputs registration or authentication 

20 data 318, application server 110 suitably allows user system 126 to access both transactional 
assets 302 and content assets 304. Transactional assets 302 comprise both company 
transactions 306 and business partner transactions 308. Company transactions 306 are 
transactions provided by internal content provider 120. Examples of company transactions 
306 may include transactions provided by a credit card company, such as checking a credit 

25 card bill, 40 IK plan balance or brokerage account on line. Business partner transactions 308 
are similar transactions provided by external content providers 116, which are business 
partners of internal content provider 120. Examples may include buying airline tickets or 
stocks on line. Content assets 304 comprise company content 310 and business partner 
content 312. Company content 310 is provided by internal content provider 120 and may 

30 include investment advice or savings advice from a credit card company. Business partner 
content 312 is provided by external content provider 116 and may include news items from 
Reuters news service or weather reports from weather.com. 
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In accordance with one embodiment of the present invention, transactional assets 302 
pass through a transactional aggregation utility 314, which aggregates transactional assets 
302. Application server 110 may then send aggregated transactional assets 302 to either 
personal profile data store 124, a security services utility 328 or a content management 
5 utility 330. Also in accordance with one embodiment, content assets 304 may pass through a 
content aggregation utility 316. Aggregated content assets 304 are then sent to content 
management utility 330. 

In accordance with one embodiment of the present invention, asset aggregation is 
achieved via aggregation utilities 314, 316, based upon the type of asset to be integrated. 

10 External, business partner content 312, for example, may be aggregated by content 
aggregation utility 316, which may be a content aggregation tool such as WebMethods or 
any other suitable content aggregation tool. Transactional assets 302, on the other hand, may 
be aggregated by various methods, those methods being executed by an application server 
such as WebSphere or any other suitable server. According to one aspect of the present 

15 invention, web pages incorporating internal content are presented using content management 
utility 330. In one embodiment, transactional assets 302 and content assets 304 may be 
prioritized according to user preferences. Further detail is available for each screen by 
clicking through to selected items and an on-line reference manual is available for 
customization options. 

20 According to another aspect of the invention, business unit owners can control the 

content and layout of subtopic areas available to network user systems 126. Internal 120 and 
external 116 content providers are provided with a standard mechanism to supply content to 
the system and a process to communicate technical and design standards. In another aspect 
of the invention, a set of guidelines, processes and controls for topic owners to maintain 

25 topic areas is provided. In one aspect of the present invention, transaction functionality is 
provided through links to existing applications. In another aspect, detailed content is 
presented through links to the provider web page. In one embodiment, the system provides 
support for transactional content. 

In another embodiment of the present invention, click-stream data 320, 322 is stored 

30 in a personal preferences database 122. Click-stream data may derive from content pages 
320 or transactional pages 322 accessed by a network user 126. In addition to click-stream 
data 320, 322, data from the personal profile data store 124 may also be transferred to and 
stored in the personal preferences database 122. Eventually, information such as user 
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registrationyauthenticationSIS, transactional assets 302, content assets 304, and click-stream 
data 320, 322, after passing through one or more components of the application server 
system 334, is transmitted to an interactive presentation service 332. This interactive 
presentation service 332 is any hardware and/or software suitably configured to create the 

5 look and feel of network user system's 126 web site. 

Figure 4 is a flow diagram depicting in further detail an exemplary flow of 
information through web server 112 (Fig. 1). (In Fig. 4, application server tier 104 is not 
shown, to simplify the diagram.) The diagram displays web server 112 architecture, which 
utilizes, for example, JSP integration with servlets in a command bean framework and XML 

10 document structure services create a web page on a digital display 202. In one embodiment 
of the present invention, information is transferred from backend systems tier 102 to either 
user profile access bean 410 or a messaging service 412 via HTTP 422, wherein user profile 
access bean 410 can be any form of personal profile service. From user profile access bean 
410, information is sent to a presentation bean 416 and then, for example, to a web page on a 

15 digital display 202, wherein presentation bean 416 can be any form of data request handler. 
Information from messaging service 412 is transmitted to presentation bean 416, a public 
data access bean 418 or a private data access bean 420 and then to a web page on a digital 
display 202. Public data access bean 418 can be any form of public data service and private 
data access bean 420 can be any form of private data service. Information may also flow 

20 from a web page on digital display 202 to backend systems tier 102. Such information may 
pass directly to user profile access bean 410 and then to backend systems tier 102 via XML 
424. Alternatively, information may be transferred from a web site to a messaging data 
access bean 414 and then to messaging service 412. From messaging service 412, 
information is then sent to backend systems tier 102 via XML 424. In one embodiment, web 

25 server 1 12 further includes a network security service 442. Information passing between 
user system 126 with digital display 202 and the various components of web server 112 
described above, may first be required to pass through network security service 442. 

Figure 5 is a combination flow diagram and architectural diagram showing an 
exemplary method of handling information flow from client tier 108 to backend systems tier 

30 102 and from backend systems tier 102 back to client tier 108. Initially, an HTTP post/get 
request 510 is initiated from client tier 108 to web server tier 106. This data is then 
encapsulated within the presentation layer application of web server tier 106. The 
information is then sent via an HTTP post 512 to application server tier 104 for data 
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acquisition and aggregation by one of the application server's business specific functions. 
The presentation layer elements may include, for example, any combination of JavaBeans, 
JSPs, Java classes, and any other convenient code hosted on web servers 106 configured to 
communicate with the serviets via HTTP. This process may be repeated several times in 
5 order to aggregate information on the main page. Information from client tier 108 that is 
processed by web server tier 106 and application server tier 104 is then sent to backend 
systems tier 102 via outgoing JDBC/LDAP 514. Backend systems tier 102 then processes 
the data and sends it back to application server tier 104 via incoming JDBC/LDAP 516. 
This data is then transferred to web server tier 106 as XML data 518 and to client tier 108 as 

10 HTML data 520. 

In one embodiment of the present invention, to minimize coupling between the 
presentation and application layers, a Command Bean framework is used. As is known, 
command beans act as interface adapters to system components belonging to different 
functional domains, and provide the functionality to invoke various services in accordance 

15 with the invention. By implementing a command bean, interfaces exposed by external 
content providers 116 (shown in Fig. 1) can be changed independently by implementing the 
changes through the command beans. Multiple external content providers 116, providing 
similar functionality, can be integrated with the same command bean. In an alternative 
embodiment, each command bean may correspond to a single business logic task such as a 

20 query task, update task or any other such tasks as may be desired. With continued reference 
to Fig. 1, the command bean framework substantially isolates application server tier 104 
from changes that could occur in the interface supported by external content providers 116. 
In one embodiment of the invention, the implementation of external content providers 116 or 
mediators that acquire data from backend systems tier 102 is modifiable (e.g. from Java 

25 serviets to Enterprise JavaBeans) without substantially impacting client tier 108 by effecting 
corresponding changes in the command beans. 

In order to control how documents are presented to network user system 126, XML 
tags may be used. To process and dynamically generate XML documents, according to one 
embodiment, web server tier 106 function is extended by the XML Document Structure 

30 Services in application server tier 104. This enables database connectors and integration 
applications to parse, generate, manipulate, and validate XML-based dynamic content. This 
content is sent to client tier 108 and interchanged with other serviets. Alternatively, web 
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server tier 106 may be used to selectively apply stylesheets to XML documents when client 
tier 108 devices do not support XSL stylesheets to XML documents. 

It should be understood that the exemplary processes illustrated above may include 
more or fewer steps or may be performed in the context of a larger processing scheme. 
Although the invention has been described herein in conjunction with the appended 
drawings, those skilled in the art will appreciate that the scope of the invention is not so 
limited. Modifications in the selection, design, and arrangement of the various components 
and steps discussed herein may be made without departing from the scope of the invention as 
set forth in the appended claims. 
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CLAIMS 

We claim: 

5 1 . A system for facilitating the integration and delivery of data available over a 

network, said system comprising: 

at least one user system connected to the network; 
one or more host computer components coupled to the network; 
at least one publicly available data store and at least one private data store, 
10 said at least one publicly available data store and said at least one private data store coupled 
to said one or more host computer components; 

said one or more host computer components configured to acquire public data 
from said at least one publicly available data store; acquire private data from said at least one 
private data store; integrate said public data and said private data to form integrated data; and 
15 format and deliver said integrated data to said user system over the network. 

2, The system of claim 1, wherein said at least one user system comprises a 
personal computer. 

20 3. The system of claim 1, wherein said at least one user system comprises a 

wireless device. 

4. The system of claim 3, wherein said wireless device is a personal digital 
assistant. 

25 

5 . The system of claim 3, wherein said wireless device is a wireless telephone. 

6. The system of claim 1, wherein said at least one user system comprises a 
computer configured to automatically retrieve and store said integrated data. 

30 

7. The system of claim 1, wherein said at least one user system is configured to 
display said integrated data using a browser configured to communicate over the network. 
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8. The system of claim 1, wherein said at least one user system is configured to 
display said integrated data using a network interface device configured to communicate 
over the network. 

5 9. The system of claim 1, wherein said one or more host computer components 

include a web server and an application server. 

10. The system of claim 9, wherein said web server comprises: 

a data request handler configured to receive data from said at least one user 
10 system, invoke and receive data from said network security service, invoke and receive data 
from said personal profile service, invoke and receive data from said public data service, 
invoke and receive data from said private data service and format and transfer requested data 
to said at least one user system; 

a network security service configured to be invoked by and return data to said 
15 data request handler and to invoke and receive data from said application server; 

a personal profile service configured to be invoked by and return data to said 
request handler and to invoke and receive data from said application server; 

a public data service configured to be invoked by and return data to said data 
request handler and to invoke and receive data from said application server; and 
20 a private data service configured to be invoked by and return data to said data 

request handler and to invoke and receive data from said application server; 

wherein said data request handler, said network security service, said personal 
profile service, said public data service and said private data service communicate with one 
another. 

25 

1 1 . The system of claim 9, wherein said application server comprises: 

a transactional aggregation utility configured to receive and aggregate 
transactional data; 

a content aggregation utility configured to receive and aggregate content data; 
30 a personal profile utility configured to receive personal profile data; 

a network security utility configured to receive and process one or more 
requests for authentication data; 

a content management utility configured to manage content; and; 
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an interactive presentation utility configured to process data for presentation; 

wherein said a transactional aggregation utility, said content aggregation 
utility, said personal profile utility, said network security utility, said content management 
utility and said interactive presentation utility communicate with one another. 

5 

12. The system of claim 11, wherein said personal profile utility includes a 
personal profile data store and a personal preferences data store. 

13. The system of claim 12, wherein said personal profile data store comprises a 
10 read-optimized data store. 

14. The system of claim 11, wherein said transactional aggregation utility 
receives and aggregates company transactional data and business partner transactional data. 

15 15. The system of claim 1 1, wherein said content aggregation utility receives and 

aggregates company content data and business partner content data. 

16. The system of claim 11 wherein said personal profile utility receives user 
registration data, click-stream data from content pages and click-stream data from 

20 transactional pages. 

17. A method for facilitating the integration and delivery of data available over a 
network, said method including the steps of: 

acquiring public data from at least one publicly available data store coupled 
to said network; 

acquiring private data from at least one private data store coupled to said 

network; 

integrating said public data and said private data to form integrated data; and 
delivering said integrated data to a user system. 
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1 8 . The method of claim 1 7, wherein: 
said step of acquiring said public data includes the step of interactively 

updating said public data in accordance with changes to said at least one publicly available 
data store; or 

said step of acquiring said private data includes the step of interactively 
updating said private data in accordance with changes to said at least one private data store. 

19. The method of claim 17, wherein said integrating step includes the step of 
customizing said public data and said private data in accordance with a personal profile 

10 utility. 

20. The method of claim 19, wherein said personal profile utility comprises a 
personal profile data store and a personal preferences data store. 

15 21. The method of claim 19 wherein said customizing step includes the step of 

translating said public data and said private data in accordance with a data request services 
profile. 

22. The method of claim 17, wherein said delivering step includes the step of 
20 initiating delivery of said integrated data automatically in accordance with a personal profile 

utility. 

23. The method of claim 17, wherein said delivering step includes delivering said 
integrated data to said user system using a browser configured to communicate over the 

25 network. 

24. The method of claim 17, wherein said delivering step includes delivering said 
integrated data to said user system using a network interface device configured to 
communicate over the network 

30 

25. The method of claim 17, wherein said delivering step includes delivering said 
integrated data to said user system, said user system comprising a personal computer. 
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26. The method of claim 17, wherein said delivering step includes delivering said 
integrated data to said user system, said user system comprising a wireless device. 

27. The method of claim 26, wherein said wireless device is a personal digital 
assistant. 

28. The method of claim 26, wherein said wireless device is a wireless telephone. 

29. The method of claim 17, wherein said delivering step includes delivering said 
integrated data to said user system, said user system comprising a computer configured to 
automatically retrieve and store said integrated data. 

30. A method for facilitating the receipt of public and private data, said method 
comprising the steps of: 

accessing a network; 

accessing a host computer system coupled to said network; 

requesting at least one item of public data from at least one publicly available 

data store; 

requesting at least one item of private data from at least one privately 
available data store; and 

receiving said at least one item of public data and said at least one item of 

private data. 

31. The method of claim 30, wherein said receiving step includes the step of 
receiving said at least one item or public data and said at least one item of public data at 
approximately the same time. 
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